Skip to main content

← All SBOMs

v1.83.6 SBOM

Released 2026-05-29. Graph-engine code-review pass. Blast-radius verdicts (Confirmed Compromised, Potentially Compromised, Observed Accessed) had been shipping with empty evidence_refs since the graph engine landed: GraphBuilder populated the field on edges, but the traverser was reading it off nodes, so every verdict cited no underlying evidence. Refs are now threaded from the BFS path edges and qualifying in-edges so each verdict ships with the evidence rows that drove it. Floored attack-path endpoints (introduced in 1.83.5) were persisted carrying the stale 'No audit logs available' coverage note from their prior UNKNOWN state, contradicting the new verdict in the UI; the note is now cleared on promotion. Blast-radius seed mapping had been calling the entity resolver's mutating resolve() path, silently minting a junk 'blast_radius_seed'-sourced entity for every unmatched seed string and inflating the per-investigation entity store every analysis run; switched to a new read-only EntityResolver.lookup_identifier. Internal cleanup: removed three dead EdgeType enum members (CAN_ACCESS, DELEGATED_TO, TRUSTS) that no GraphBuilder code path ever emitted, deleted the unused EntityType enum, halved the graph-persist SQL on every analysis (was DELETE+INSERT twice; now once at the end of the blast-radius block), and built the lowercase node-id index once and reused it across the three seed batches. No schema migrations. Backend and frontend dependency trees unchanged from 1.83.5.

Download the raw CycloneDX JSON: backend (174 deps)frontend (231 deps)

Format: CycloneDX 1.6. Each row below corresponds to a single entry in the JSON; the JSON is canonical, this table is a convenience view.

Backend (Python)

174 components.

PackageVersionLicense
aiofiles25.1.0
aiohappyeyeballs2.6.1
aiohttp3.13.5
aioresponses0.7.8
aiosignal1.4.0
aiosqlite0.22.1
annotated-doc0.0.4
annotated-types0.7.0
anthropic0.97.0
anyio4.13.0
arabic-reshaper3.0.1
asn1crypto1.5.1
attrs26.1.0
authlib1.7.2
bcrypt5.0.0
bidict0.23.1
blinker1.9.0
blis1.3.3
brotli1.2.0
catalogue2.0.10
certifi2026.4.22
cffi2.0.0
charset-normalizer3.4.7
click8.3.3
cloudpathlib0.24.0
confection1.3.3
configargparse1.7.5
contourpy1.3.3
coverage7.13.5
cryptography47.0.0
cssselect20.9.0
cycler0.12.1
cymem2.0.13
defusedxml0.7.1
distro1.9.0
docstring-parser0.18.0
dpkt1.9.8
evtx0.11.0
fastapi0.136.1
filelock3.29.0
flask3.1.3
flask-cors6.0.2
flask-login0.6.3
fonttools4.62.1
freetype-py2.5.1
frozenlist1.8.0
geographiclib2.1
geopy2.4.1
gevent25.9.1
geventhttpclient2.3.9
google-auth2.50.0
google-genai1.74.0
greenlet3.5.0
h110.16.0
html5lib1.1
httpcore1.0.9
httptools0.7.1
httpx0.28.1
idna3.13
iniconfig2.3.0
isodate0.7.2
itsdangerous2.2.0
jinja23.1.6
jiter0.14.0
joserfc1.6.5
kiwisolver1.5.0
ldap32.9.1
locust2.43.4
lxml6.1.0
markdown-it-py4.0.0
markupsafe3.0.3
matplotlib3.10.9
mdurl0.1.2
msgpack1.1.2
multidict6.7.1
murmurhash1.0.15
networkx3.6.1
numpy2.4.4
ollama0.6.2
openai2.33.0
oscrypto1.3.0
packaging26.2
phonenumbers9.0.29
pillow12.2.0
pluggy1.6.0
preshed3.0.13
presidio-analyzer2.2.362
propcache0.4.1
psutil7.2.2
pyasn10.6.3
pyasn1-modules0.4.2
pycairo1.29.0
pycparser3.0
pydantic2.13.3
pydantic-core2.46.3
pydantic-settings2.14.0
pydyf0.12.1
pygments2.20.0
pyhanko0.34.1
pyhanko-certvalidator0.30.2
pyjwt2.12.1
pyotp2.9.0
pyparsing3.3.2
pypdf6.10.2
pyphen0.17.2
pyspnego0.12.1
pytest9.0.3
pytest-asyncio1.3.0
pytest-cov7.1.0
pytest-timeout2.4.0
python-bidi0.6.7
python-dateutil2.9.0.post0
python-docx1.2.0
python-dotenv1.2.2
python-engineio4.13.1
python-multipart0.0.27
python-socketio5.16.1
python3-saml1.16.0
pywinrm0.5.0
pyyaml6.0.3
pyzmq27.1.0
regex2026.4.4
reportlab4.5.0
requests2.33.1
requests-file3.0.1
requests-ntlm1.3.0
rich15.0.0
rlpycairo0.4.0
ruff0.15.12
setuptools82.0.1
shellingham1.5.4
simple-websocket1.1.0
six1.17.0
smart-open7.6.0
smbprotocol1.16.1
sniffio1.3.1
spacy3.8.14
spacy-legacy3.0.12
spacy-loggers1.0.5
srsly2.5.3
starlette1.0.0
svglib1.6.0
tenacity9.1.4
thinc8.3.13
tiktoken0.12.0
tinycss21.5.1
tinyhtml52.1.0
tldextract5.3.1
tqdm4.67.3
typer0.25.1
typing-extensions4.15.0
typing-inspection0.4.2
tzlocal5.3.1
uritools6.1.0
urllib32.6.3
uvicorn0.46.0
uvloop0.22.1
wasabi1.1.3
watchfiles1.1.1
weasel1.0.0
weasyprint68.1
webencodings0.5.1
websocket-client1.9.0
websockets16.0
werkzeug3.1.8
wrapt2.1.2
wsproto1.3.2
xhtml2pdf0.2.17
xmlsec1.3.17
xmltodict1.0.4
yarl1.23.0
zope-event6.2
zope-interface8.4
zopfli0.4.1

Frontend (Node)

231 components.

PackageVersionLicense
asynckit0.4.0MIT
axios1.16.0MIT
bail2.0.2MIT
call-bind-apply-helpers1.0.2MIT
ccount2.0.1MIT
character-entities2.0.2MIT
character-entities-html42.1.0MIT
character-entities-legacy3.0.0MIT
character-reference-invalid2.0.1MIT
combined-stream1.0.8MIT
comma-separated-tokens2.0.3MIT
commander7.2.0MIT
core-util-is1.0.3MIT
csstype3.2.3MIT
d37.4.3MIT
d37.9.0ISC
d3-array3.2.2MIT
d3-array3.2.4ISC
d3-axis3.0.6MIT
d3-axis3.0.0ISC
d3-brush3.0.6MIT
d3-brush3.0.0ISC
d3-chord3.0.6MIT
d3-chord3.0.1ISC
d3-color3.1.3MIT
d3-color3.1.0ISC
d3-contour3.0.6MIT
d3-contour4.0.2ISC
d3-delaunay6.0.4MIT
d3-delaunay6.0.4ISC
d3-dispatch3.0.7MIT
d3-dispatch3.0.1ISC
d3-drag3.0.7MIT
d3-drag3.0.0ISC
d3-dsv3.0.7MIT
d3-dsv3.0.1ISC
d3-ease3.0.2MIT
d3-ease3.0.1BSD-3-Clause
d3-fetch3.0.7MIT
d3-fetch3.0.1ISC
d3-force3.0.10MIT
d3-force3.0.0ISC
d3-format3.0.4MIT
d3-format3.1.2ISC
d3-geo3.1.0MIT
d3-geo3.1.1ISC
d3-hierarchy3.1.7MIT
d3-hierarchy3.1.2ISC
d3-interpolate3.0.4MIT
d3-interpolate3.0.1ISC
d3-path3.1.1MIT
d3-path3.1.0ISC
d3-polygon3.0.2MIT
d3-polygon3.0.1ISC
d3-quadtree3.0.6MIT
d3-quadtree3.0.1ISC
d3-random3.0.3MIT
d3-random3.0.1ISC
d3-scale4.0.9MIT
d3-scale4.0.2ISC
d3-scale-chromatic3.1.0MIT
d3-scale-chromatic3.1.0ISC
d3-selection3.0.11MIT
d3-selection3.0.0ISC
d3-shape3.1.8MIT
d3-shape3.2.0ISC
d3-time3.0.4MIT
d3-time3.1.0ISC
d3-time-format4.0.3MIT
d3-time-format4.1.0ISC
d3-timer3.0.2MIT
d3-timer3.0.1ISC
d3-transition3.0.9MIT
d3-transition3.0.1ISC
d3-zoom3.0.8MIT
d3-zoom3.0.0ISC
debug4.1.13MIT
debug4.4.3MIT
decode-named-character-reference1.3.0MIT
delaunator5.1.0ISC
delayed-stream1.0.0MIT
dequal2.0.3MIT
devlop1.1.0MIT
dunder-proto1.0.1MIT
es-define-property1.0.1MIT
es-errors1.3.0MIT
es-object-atoms1.1.1MIT
es-set-tostringtag2.1.0MIT
estree1.0.8MIT
estree-jsx1.0.5MIT
estree-util-is-identifier-name3.0.0MIT
extend3.0.2MIT
fault1.0.4MIT
follow-redirects1.16.0MIT
form-data4.0.5MIT
format0.2.2MIT
function-bind1.1.2MIT
geojson7946.0.16MIT
get-intrinsic1.3.0MIT
get-proto1.0.1MIT
gopd1.2.0MIT
has-symbols1.1.0MIT
has-tostringtag1.0.2MIT
hasown2.0.3MIT
hast3.0.4MIT
hast-util-parse-selector2.2.5MIT
hast-util-to-jsx-runtime2.3.6MIT
hast-util-whitespace3.0.0MIT
hastscript6.0.0MIT
highlight.js10.7.3BSD-3-Clause
highlightjs-vue1.0.0CC0-1.0
html-url-attributes3.0.1MIT
iconv-lite0.6.3MIT
immediate3.0.6MIT
inherits2.0.4ISC
inline-style-parser0.2.7MIT
internmap2.0.3ISC
is-alphabetical2.0.1MIT
is-alphanumerical2.0.1MIT
is-decimal2.0.1MIT
is-hexadecimal2.0.1MIT
is-plain-obj4.1.0MIT
isarray1.0.0MIT
js-tokens4.0.0MIT
jszip3.10.1(MIT OR GPL-3.0-or-later)
lie3.3.0MIT
longest-streak3.1.0MIT
loose-envify1.4.0MIT
lowlight1.20.0MIT
lucide-react0.330.0ISC
markdown-table3.0.4MIT
math-intrinsics1.1.0MIT
mdast4.0.4MIT
mdast-util-find-and-replace3.0.2MIT
mdast-util-from-markdown2.0.3MIT
mdast-util-gfm3.1.0MIT
mdast-util-gfm-autolink-literal2.0.1MIT
mdast-util-gfm-footnote2.1.0MIT
mdast-util-gfm-strikethrough2.0.0MIT
mdast-util-gfm-table2.0.0MIT
mdast-util-gfm-task-list-item2.0.0MIT
mdast-util-mdx-expression2.0.1MIT
mdast-util-mdx-jsx3.2.0MIT
mdast-util-mdxjs-esm2.0.1MIT
mdast-util-phrasing4.1.0MIT
mdast-util-to-hast13.2.1MIT
mdast-util-to-markdown2.1.2MIT
mdast-util-to-string4.0.0MIT
micromark4.0.2MIT
micromark-core-commonmark2.0.3MIT
micromark-extension-gfm3.0.0MIT
micromark-extension-gfm-autolink-literal2.1.0MIT
micromark-extension-gfm-footnote2.1.0MIT
micromark-extension-gfm-strikethrough2.1.0MIT
micromark-extension-gfm-table2.1.1MIT
micromark-extension-gfm-tagfilter2.0.0MIT
micromark-extension-gfm-task-list-item2.1.0MIT
micromark-factory-destination2.0.1MIT
micromark-factory-label2.0.1MIT
micromark-factory-space2.0.1MIT
micromark-factory-title2.0.1MIT
micromark-factory-whitespace2.0.1MIT
micromark-util-character2.1.1MIT
micromark-util-chunked2.0.1MIT
micromark-util-classify-character2.0.1MIT
micromark-util-combine-extensions2.0.1MIT
micromark-util-decode-numeric-character-reference2.0.2MIT
micromark-util-decode-string2.0.1MIT
micromark-util-encode2.0.1MIT
micromark-util-html-tag-name2.0.1MIT
micromark-util-normalize-identifier2.0.1MIT
micromark-util-resolve-all2.0.1MIT
micromark-util-sanitize-uri2.0.1MIT
micromark-util-subtokenize2.1.0MIT
micromark-util-symbol2.0.1MIT
micromark-util-types2.0.2MIT
mime-db1.52.0MIT
mime-types2.1.35MIT
ms2.1.0MIT
ms2.1.3MIT
pako1.0.11(MIT AND Zlib)
parse-entities4.0.2MIT
prismjs1.30.0MIT
process-nextick-args2.0.1MIT
prop-types15.7.15MIT
property-information7.1.0MIT
proxy-from-env2.1.0MIT
qrcode.react4.2.0ISC
react18.3.1MIT
react18.3.28MIT
react-dom18.3.1MIT
react-markdown10.1.0MIT
react-router6.30.3MIT
react-router-dom6.30.3MIT
react-syntax-highlighter15.6.6MIT
readable-stream2.3.8MIT
refractor3.6.0MIT
remark-gfm4.0.1MIT
remark-parse11.0.0MIT
remark-rehype11.1.2MIT
remark-stringify11.0.0MIT
robust-predicates3.0.3Unlicense
router1.23.2MIT
runtime7.29.2MIT
rw1.3.3BSD-3-Clause
safe-buffer5.1.2MIT
safer-buffer2.1.2MIT
scheduler0.23.2MIT
setimmediate1.0.5MIT
space-separated-tokens2.0.2MIT
string_decoder1.1.1MIT
stringify-entities4.0.4MIT
structured-clone1.3.1ISC
style-to-js1.1.21MIT
style-to-object1.0.14MIT
trim-lines3.0.1MIT
trough2.2.0MIT
unified11.0.5MIT
unist3.0.3MIT
unist-util-is6.0.1MIT
unist-util-position5.0.0MIT
unist-util-stringify-position4.0.0MIT
unist-util-visit5.1.0MIT
unist-util-visit-parents6.0.2MIT
use-sync-external-store1.6.0MIT
util-deprecate1.0.2MIT
vfile6.0.3MIT
vfile-message4.0.3MIT
xtend4.0.2MIT
zustand4.5.7MIT
zwitch2.0.4MIT